exploitDog

GHSA-cchj-4x5r-9r76

Опубликовано: 14 мая 2022

Источник: github

Github: Не прошло ревью

CVSS3: 8.8

Описание

An eval injection vulnerability in the Python web server routing on the Zyxel NAS 326 version 5.21 and below allows a remote authenticated attacker to execute arbitrary code via the tjp6jp6y4, simZysh, and ck6fup6 APIs.

An eval injection vulnerability in the Python web server routing on the Zyxel NAS 326 version 5.21 and below allows a remote authenticated attacker to execute arbitrary code via the tjp6jp6y4, simZysh, and ck6fup6 APIs.

Ссылки

EPSS

Процентиль: 81%

0.0147

Низкий

8.8 High

CVSS3

CVE ID

Дефекты

CWE-94

Связанные уязвимости

CVE-2019-10633

CVSS3: 8.8

nvd

почти 7 лет назад

An eval injection vulnerability in the Python web server routing on the Zyxel NAS 326 version 5.21 and below allows a remote authenticated attacker to execute arbitrary code via the tjp6jp6y4, simZysh, and ck6fup6 APIs.

EPSS

Процентиль: 81%

0.0147

Низкий

8.8 High

CVSS3

CVE ID

Дефекты

CWE-94